No announcement yet.

Hack attempts from banned users

  • Filter
  • Time
  • Show
Clear All
new posts

  • Hack attempts from banned users

    I am unsure as to how to phrase this exactly, and I am unsure as to the exact cause, but I do have a problem that is not only causing me grief, but is really starting to irrate our members, and my host is getting upset as well.

    We have recently had to ban a number of users for behaviours not tolerated on our site. They have been banned by email address, IP address, and even by altering their user account to Banned.

    One individual has managed to return to the site over and over again. Same Email address, and in many cases, the same IP address strings.

    How is this individual doing this??

    The second part of this issue, the more important one.

    I now have an individual(s) creating accounts, only to spam our board with porno advertising. In each case, I delete all posts, ban the root host to their Email (as the first 2 attempts they changed their email address) and ban the ISP IP Address Strings. This person has used an ISP from 3 different sources, one in brazil, one in the Netherlands, and recently a host out of Russia.

    I find it hard to believe that 3 or 4 individuals are doing the same thing on our forums. But, on the otherhand, I do not know how this person would be able to have valid accounts with ISPs at different corners of the world either.

    With this issue raised, I would really appreciate it if someone could tell me how to deal with this issue, without having to moderate Every Single Post, and Every Single New User. I do not want to loose our membership by causing such a delay in users making posts, and for new users to access the site.

    I also want to know how the original user manages to log back into our forums after being banned.

    I do know that once logged on, he stays there. Same as our newest members who are posting spam. Their posts are made with varying rime frames ... from post 1 to post 2, 2 minutes, then another 3 or 4 minutes before the next post... and so one. DO I need to stop members from making morte than one post every hour on the site?

    This issue is really getting under my skin. My host is threatening to shut us down because of the Porn Links on the site, and if this keeps on, a number of parents of our younger viewers (under 18) are going to want to sue my backside into the stone ages.... (atleast one parent has already threatened legal action because of this issue).

    Any serious help is greatly appreciated.
    Last edited by MrDarkWolf; Wed 5 Mar '03, 12:27am.
    A Day Without Learning Something New is a Day Wasted - Your Single Player Source

  • #2
    a nice permanent solution if a user is causing problems would be to put this in a .htaccess file

    Allow from all
    Deny from

    where is the users IP, it can also be placed in the httpd.conf

    Are the baning features enabled in the control panel?

    The porn email link is a problem effecting all vBulletin, its a bot that replies to every thread with the porn link. You should upgrade to 2.3.0 which has image verification in it to stop bots, if you do not with to upgrade then just turn on new registration moderation.
    Scott MacVicar

    My Blog | Twitter


    • #3
      There's a very nice hack over at that lets you moderate by user group. I put every "trusted" person into a group that requires no moderation, every new member goes into a group that requires moderator approval for posting and stays there until having posted one or two things that are OK. And if anyone who is "trusted" behaves like an idiot, I just move him over to the other group. This system stops the morons in their tracks.
      Steve Price


      • #4
        1. There is no way from within to stop someone from trying to access your forums through various URLs. If you set your permissions correctly, then all this person is seeing is the 'no permission' page. Scott's advice about htaccess will effectively ban him from even seeing the no permission screen.

        2. As was pointed out, you can upgrade to 2.3.0. Here is the original thread on this attack:

        Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
        Change CKEditor Colors to Match Style (for 4.1.4 and above)

        Steve Machol Photography

        Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


        widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.